Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H91Z1eOrvH93PmaCrQiK5RQjv78.roa
File:                     H91Z1eOrvH93PmaCrQiK5RQjv78.roa (raw, json)
Hash identifier:          sHPNdQ5mkBQc4y7Rai3gh2ZSAWFY33ZsWt4D8XWBDXY=
Subject key identifier:   1F:DD:59:D5:E3:AB:BC:7F:77:3E:66:82:AD:08:8A:E5:14:23:BF:BF
Certificate issuer:       /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial:       01856DD418FEA5FE86B1B9243529D10B52DF
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H91Z1eOrvH93PmaCrQiK5RQjv78.roa
Signing time:             Sun 01 Jan 2023 14:54:54 +0000
ROA not before:           Sun 01 Jan 2023 14:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60767
IP address blocks:        45.95.204.0/22 maxlen: 24
                          2a0e:3940:1000::/36 maxlen: 44
                          2a0e:3940:d000::/36 maxlen: 36
                          2a0e:3940:f000::/36 maxlen: 36
                          2a0e:3940::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 03 Jan 2023 14:13:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:18:fe:a5:fe:86:b1:b9:24:35:29:d1:0b:52:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
        Validity
            Not Before: Jan  1 14:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1fdd59d5e3abbc7f773e6682ad088ae51423bfbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:ee:c8:3b:06:6b:de:2e:04:4a:40:07:1d:fb:
                    b2:b4:ac:d9:16:09:d1:e5:aa:81:b7:cc:19:42:2a:
                    cc:30:6d:a7:d1:ab:9e:03:1e:7b:46:6e:e3:10:65:
                    0f:f3:75:e7:b3:4f:01:4a:a0:f6:fc:f5:14:0a:0f:
                    8c:20:9c:c7:24:71:d2:4a:3b:dc:14:bc:06:e4:e7:
                    71:12:33:a8:fc:76:3b:c0:2e:07:0a:56:8f:12:09:
                    bb:e6:1d:77:02:26:b4:61:de:48:ea:92:f1:ef:31:
                    ef:67:f5:99:81:4b:a8:42:c1:ea:52:67:cc:8b:2d:
                    8f:a4:4e:92:bd:ff:84:b1:86:c8:8b:ce:2a:ea:3c:
                    f7:6a:50:44:a7:84:03:25:e1:ef:1c:c3:be:40:ba:
                    98:3a:79:3f:ac:2f:55:0d:88:1a:d1:4d:55:70:66:
                    e8:78:61:0a:82:00:67:59:e8:81:47:37:80:71:b5:
                    bb:89:4b:40:1e:1b:b1:76:94:20:b3:a6:43:97:77:
                    73:3b:9a:b5:f8:4c:6a:2b:47:70:a3:92:0d:17:cd:
                    9e:1f:e1:a8:31:64:08:26:1d:5b:8a:38:58:c7:96:
                    f0:67:f1:3b:4a:3d:15:12:e4:3b:8c:19:a4:f0:e6:
                    a2:18:8b:65:8e:8a:47:15:8b:19:9f:50:c4:44:05:
                    e0:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:DD:59:D5:E3:AB:BC:7F:77:3E:66:82:AD:08:8A:E5:14:23:BF:BF
            X509v3 Authority Key Identifier:
                keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H91Z1eOrvH93PmaCrQiK5RQjv78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.204.0/22
                IPv6:
                  2a0e:3940::/29

    Signature Algorithm: sha256WithRSAEncryption
         63:64:a3:ff:64:67:77:e1:31:bf:8a:25:53:de:70:9c:15:91:
         df:4d:cc:42:2e:dc:d1:fe:cf:68:0d:ef:c0:c2:c6:6e:71:ff:
         99:7e:a3:4a:b7:eb:4b:ce:1b:35:cd:e8:e3:aa:43:27:a2:a0:
         35:50:17:40:aa:74:63:19:e7:30:ad:72:57:91:34:81:b7:ac:
         f6:cd:b4:1e:85:f6:c5:f7:72:72:17:c4:a5:eb:ab:7e:13:92:
         e2:9b:02:38:2d:35:74:47:2d:b4:5c:02:5b:d9:b3:77:05:e1:
         ed:cb:44:a1:94:e8:9a:07:dd:95:bf:9a:f0:75:6e:cc:71:5a:
         3a:84:9d:30:71:ef:9c:43:a8:a6:37:fc:0a:a2:b7:30:09:b0:
         54:7a:a2:eb:ea:2f:72:c0:45:f5:99:f2:d0:b7:48:6c:16:78:
         14:a4:0a:74:cb:59:b4:52:77:c1:6f:44:39:e6:95:53:4c:59:
         de:df:b6:7e:dd:81:65:25:2d:6a:1e:60:57:11:4e:09:6f:bf:
         ae:37:54:ef:7a:84:75:6a:6f:dd:44:3e:03:ab:d8:a2:db:18:
         1e:f2:58:4b:1d:89:e5:d8:ac:da:d7:0e:26:19:23:40:47:67:
         4c:52:2f:8a:aa:b8:d8:b3:e4:11:3d:c3:ae:99:e8:de:e5:6a:
         3e:c3:ce:f9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt1Bj+pf6GsbkkNSnRC1LfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjMwMTAxMTQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmRkNTlkNWUzYWJiYzdmNzczZTY2ODJhZDA4OGFlNTE0MjNiZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u7IOwZr3i4ESkAHHfuytKzZFgnR
5aqBt8wZQirMMG2n0aueAx57Rm7jEGUP83Xns08BSqD2/PUUCg+MIJzHJHHSSjvc
FLwG5OdxEjOo/HY7wC4HClaPEgm75h13Aia0Yd5I6pLx7zHvZ/WZgUuoQsHqUmfM
iy2PpE6Svf+EsYbIi84q6jz3alBEp4QDJeHvHMO+QLqYOnk/rC9VDYga0U1VcGbo
eGEKggBnWeiBRzeAcbW7iUtAHhuxdpQgs6ZDl3dzO5q1+ExqK0dwo5INF82eH+Go
MWQIJh1bijhYx5bwZ/E7Sj0VEuQ7jBmk8OaiGItljopHFYsZn1DERAXgfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB/dWdXjq7x/dz5mgq0IiuUUI7+/MB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvSDkxWjFlT3J2SDkzUG1hQ3JRaUs1UlFqdjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV/MMA0E
AgACMAcDBQMqDjlAMA0GCSqGSIb3DQEBCwUAA4IBAQBjZKP/ZGd34TG/iiVT3nCc
FZHfTcxCLtzR/s9oDe/AwsZucf+ZfqNKt+tLzhs1zejjqkMnoqA1UBdAqnRjGecw
rXJXkTSBt6z2zbQehfbF93JyF8Sl66t+E5LimwI4LTV0Ry20XAJb2bN3BeHty0Sh
lOiaB92Vv5rwdW7McVo6hJ0wce+cQ6imN/wKorcwCbBUeqLr6i9ywEX1mfLQt0hs
FngUpAp0y1m0UnfBb0Q55pVTTFne37Z+3YFlJS1qHmBXEU4Jb7+uN1TveoR1am/d
RD4Dq9ii2xge8lhLHYnl2Kza1w4mGSNAR2dMUi+KqrjYs+QRPcOumeje5Wo+w875
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:26 2024 by rpki-client on console-ams.rpki-client.org